Its almost like there needs to be a pre-ssr render method. Something that looks at the current request (cookie) and then fetches the authentication info to verify the user is actually logged in and the token is valid, before the rendering occurs.

Without that, done-ssr will never render my application as if I were logged in, right?

Well ssr does setup all XHR requests made during ssr with the same cookie that the browser made the initial page request with. This works in bitballs. I don’t know enough about feathers to know where things might be going wrong. I’ll see if I can find someone that does.